On Monday, 17.05.2021 at 16:04 -0500, Darin Pettis wrote:
> Hi Stephen,
> Thanks for the quick reply as I know it is getting late in Ireland. 
> 
> I’m sure you do remember the conversation as you spent a lot of time
> at the microphone around it.  :-)
> 
> It is certainly not an easy question to answer but this group
> comprises the smartest people that I know!!  Surely someone must be
> up for the challenge as fully half of the people in that London hall
> voiced the need for it.  Furthermore, when the day comes that TLS 1.2
> can’t be used anymore, for whatever the reason, this need is going to
> come racing down the tracks…
> 
> So, while everyone is breathing easy right now, it would be great to
> address the need proactively.  
> 

In my eyes the problem (use case) statement is a bit dishonest in this
context. Enterprises need control over data. What this proposal tries
to offer, though, is snooping/eavesdropping. Control is a proxy (MITM),
where you openly and actively control the data flow and do not pretend
that you are not there.

In addition to the already mentioned integrity leakage via cookies, this
proposal also compromises other security (integrity) controls such as
TLS channel binding.

And again it pretends to be opt-in, but in the landscape of the current
baseline threat model it's just an invitation to exploit it (sending or
leaking the keys to a malicious party).

Regards,
Ruslan

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls